Net Use Network Share CLI

net use n: \\\\192.168.220.129\\Finance /user:plaintext Password123

Windows Dir Syntax to search for a file through multiple sub-directories

n:\\*secret* /s /b

Find a string in files (Windows Grep)

findstr /s /i cred n:\\*.*

Powershell mount network drive

Interacting with Common Services
PS C:\\htb> $username = 'plaintext'
PS C:\\htb> $password = 'Password123'
PS C:\\htb> $secpassword = ConvertTo-SecureString $password -AsPlainText -Force
PS C:\\htb> $cred = New-Object System.Management.Automation.PSCredential $username, $secpassword
PS C:\\htb> New-PSDrive -Name "N" -Root "\\\\192.168.220.129\\Finance" -PSProvider "FileSystem" -Credential $cred

Powershell: Search for files in a directories

Get-ChildItem -Recurse -Path N:\\ -Include *cred* -File

Powershell Grep:

Get-ChildItem -Recurse -Path N:\\ | Select-String "cred" -Lis

MSSQL CLI

sqsh -S 10.129.20.13 -U username -P Password123

MSSQL on Windows

sqlcmd -S 10.129.20.13 -U username -P Password123

FTP Bounce Attack

nmap -Pn -v -n -p80 -b <anonymous:[email protected]> 172.17.0.2

Medusa Syntax

medusa -u fiona -P /usr/share/wordlists/rockyou.txt -h 10.129.203.7 -M ftp